Study finds attack detection takes too long

Share this article:

Critical shortcomings in the current approach to cyber security and incident response are putting companies at risk, with 86 percent of respondents to a Ponemon Institute study saying that it takes too long to detect a cyber attack.

And 85 percent of the 1,083 CISOs and security technicians surveyed for the report, Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations, conducted by Ponemon and sponsored by incident resolution specialists AccessData, said they didn't have a way to prioritize incidents.

“That's a big problem,” Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, told SCMagazine.com. “Some incidents are really significant and some are Mickey Mouse, bouncing off of the firewall.”

Bombarded by threats from every angle, companies also find it difficult to sift through them all — 61 percent of those surveyed said they receive too many alerts from too many point solutions.

“It's a game of whack-a-mole for them,” Craig Carpenter, chief cyber security strategist at AccessData, told SCMagazine.com.

And those solutions either aren't integrated or are poorly integrated, a problem that 74 percent of the CISOs and security technicians said impairs their ability to respond to threats while 40 percent claim that their security products don't support imported threat intelligence from other sources.

“They want information that's timely and really accurate. Getting both is kind of a Nirvana state, ” said Ponemon.  “But what they're getting is slow moving and “maybe” accurate.”

To close the gaps, Carpenter said, companies need the ability to do three things: automate incident resolution; validate and prioritize threats; and validate information against threat feeds with real time information regarding what's happening outside their own networks.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

More exploits, including Silverlight attack, packed in Nuclear kit

More exploits, including Silverlight attack, packed in Nuclear ...

Since the year's start, the number of exploits used by the kit has doubled, Trend Micro found.

Researchers discover Tinba variant with 64-bit support, other tricks

Researchers discover Tinba variant with 64-bit support, other ...

Seculert researchers discovered a variant of the Tinba banker trojan that can infect more systems and better skirt detection.

Policy violation letters trick SMB workers into downloading malware

Bitdefender researchers detected an uptick in computers infected by Zbot via dozens of ARJ-compressed files.